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1. 



(currently amended) A method for broadcast encryption, comprising; 



assigning each user in a group of users respective private information I u ; 



selecting at least one session encryption key K; 



partitioning users not in a revoked set R into disjoint subsets S^.-^S^ having associated 
subset keys L^.-Xfo,; [and] 

encrypting the session key K with the subset keys Lj,,. ...1^ to render m encrypted versions 
of the session key 

partitioning the users into groups S. S„. wherein "w w is an integer, and the groups 

ggtabUsh subtrees in a tree, wherein, each subsgt Sh.^S^ jnclwjeg all toyqs fa a subtree rooted at 
soroejnode v t . at least each rarie in the subtree being associated wherein 
content is provided to users in at least one message defining a header, and the header includes at most 
rjJog(N/r) subset keys and encryprioris^wAereiii^s,^ revoked set R and 

NJs .the total number of users, 

- 2. (canceled). 

3. (currently amended) The method of Claim [211, wherein the tree is a complete binary tree* 

4. (original) The method of Claim 1 , further comprising using private information I u to decrypt 
the session key. 
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5. (original) The method of Claim 4, wherein the act of decrypting includes using information 
ij such that a user belongs to a subset and retrieving a subset key Lg using the private information of the 
user. 

6. (canceled). 

7. (canceled). 

8. (currently amended) The method of Claim [611. wherein each user must store log N keys, 
wherein N is the total number of users. 

9. (currently amended) Th e method of Claim 6 A method for broadcast e ncryption, ronyrising: 
assigning each user in a group of users respective private information I v : 

selecting at least one session encryption kev K: 

partitioning users not in a revoked set R into disjoint subsets S) having associated 

subset kevs L L^: fandl 

encrypting the session kev K with the subset keys L , L to render m encrypted versions 

of the session key K: 

partitioning the users into groups S , ....>S T .. wherein "w" is an integer, and the groups 
establish subtrees in a tree, wherein each subset S n . ». ^-includes all leaves in a subtree rooted at 
soniejiode V,. at Jeast each node io the subtree being associated with a respective subset kev . wherein 

IQ53-I21AM2 
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content is provided to users in at least one message, and wherein each user processes the message 
using at most log log N operations plus a single decryption operation, wherein N is the total number 
of users. 

10. (currently amended) The method of Claim [6JI ♦ wherein the revoked set R defines a spanning 
tree, and subtrees having roots attached to nodes of the spanning tree define the subsets. 

11. (currently amended) The method of Claim [2]!., wherein the tree includes a root and plural 
nodes, each node having at least one associated label , and wherein each subset includes all leaves in a subtree 
rooted at some node v ; that are not in the subtree rooted at some other node v j that descends from v,. 

12. (currently amended) The m e thod of Claim 1 1 A method for broadcast encryption, comprising: 
assigning each user in a group of users respective private information I„ : 

selecting at least one session encryption key K: 

partitioning users not in a revoked set R into disjoint subsets S^^S^ having associated 
subset keys L^...!^ : 

encrypting the session kev K with the subset kevs L n to render m encrypted versions 

of the session key K: 

partitioning the users into groups S S„.. wherein "w" is an integer, and the groups 

establish subtrees in a tree, wherein the tree includes a root and, plural nodes, each node having at 
least one associated label, and wherein each subset includes all leaves in a subtree rooted at some 
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node Vi that are not in the subtree rooted at some other node that descends from v, . wherein content 
is provided to users in at least one message defining a header, and the header includes at most 2r~l 
subset keys and encryptions, wherein r is the number of users in the revoked set R. 

13. (currently amended) Th e method of Claim 11 A method for broadcast encryption, comprising: 
assigning each user in a group of users respective private information I,, : 

selecting at least one session encryption kev K: 

partitioning users not in a revoked &t R in\<? disjoint subsets Su....S tol havin g associated 
subset keys L, . ....i«- : 

encrypting the session kev K with the subset kevs L, L... to render m encrypted versions 

of the session kev K: 

partitioning the users into groups S , S^. wherein "w* is an integer, and the groups 

establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node having at 
least one associated label, and wherein each subset includes all leaves in a subtree rooted at some 
node v ; that are not in the subtree rooted at some other node v, that descends from v... wherein each 
user must store .Slog 2 N + ,5log N + 1 keys, wherein N is the total number of users. 

14. ( currently amended) The method of Claim 1 1 A method for broadcast encryption, comprising: 
assigning each user in a group of users respective private information I n : 

^lectins at least o™? session encryption key K; 
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partitioning users not in a revoked_set R into disjoint subsets S |.....S^ having associated 

encrypting the session key K with the subset kevs L, , ....... ,1^ to render m encrypted versions 

of the session key K: 

partitioning the users into groups S , S^. wherein "w ft is an integer, and the p inups 

establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node having at 
least one associated label, and wherein each subset includes all leaves in a subtree rooted at some 
node v , that are not in the subtree rooted at some other node_Vj that descends from v» . wherein content 
is provided to users in at least one message, and wherein each user processes the message using at 
most log N operations plus a single decryption operation, wherein N is the total number of users. 

15. The mothod - of Claim 1 1 A method for broadcast encryption, comprising: 
assigning each user in a group of users respective private information I,, : 
selecting at least prig resign encryption fcgy K; 

partitioning users not in_a_reyoked setJR into disjoint subsets S S^. having associated 

subset kevs L,,,...!^: 

encrypting the session kev K with the subset kevs L to render m encrypted versions 

of the session key K: 

partitioning the users into groups S wherein "w " is an integer, and the groups 

establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node having at 
least one associated label, and wherein each subset includes all leaves in a subtree rooted at some 



I0K-12I.AI42 



PAGE 6/28 * RCVD AT 4/2&2005 6:22:49 PM (Eastern Daylight Time] * SVR:USPT0-EFXRF-1/1 * DNIS:8729306 * CSID:1 6193388078 * DURATION ^nm-ss):Q5-S6 



FROM ROGITZ 619 338 8078 



(TUE) APR 26 2005 15:24/SL 15:22/No. 6833031758 P 7 



CASE NO.: ARC9-2001-O0O5-US1 
Serial No.; 09/770,877 
April 26, 2005 
Page 7 



PATENT 
Filed: January 26, 2001 



node v t that arc not in the subtree rooted at some other node Vj that descends from wherein the 
revoked set R defines a spanning tree, and wherein the method includes: 
initializing a cover tree T as the spanning tree; 

iteratively removing nodes from the cover tree T and adding nodes to a cover until the cover 
tree T has at most one node. 

16, Th e m e thod of Cla i m 11 A method for broadcast encryp tion, comprising: 
assig ning each user in a g roup of users respective private information T u ! 
selecting at least one session encryption key K: 

partitioning users not in a revoked set R into disjoint subsets S^^.S^ having associated 
subset kevs L L^: 

encrypting the session key K with the subset keys L M to render m encrypted versions 

of the session key K: 

partitioning the _userjs^into_gr_oups_S 1 S w . wherein "w" is an integer, and the groups 

establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node having at 
least one associated label, and wherein each subset includes all leaves in a subtree rooted at some 
node V: that are not in the subtree rooted at some other node that descends from v. . wherein each 
node has at least one label possibly induced by at least one of its ancestors, and wherein each user 
is assigned labels from all nodes hanging from a direct path between the user and the root but not 
from nodes in the direct path. 
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PAGE 7128 ' RCVD AT 412612005 6:22:49 PM [Eastern Daylight Time] * SVR:USPT0-ff XRF-1/1 * DNIS:8729306 * CSID: 1 6193388078 ' DURATION (mm-ss):05-56 



FROM ROGITZ 619 338 8078 



(TUE) APR 26 2005 1 5 : 24/ST. 1 5 :22/No. 6833031 758 P 8 



CASE NO.; ARC9-2001-0005-US1 
Serial No.: 09/770,877 
April 26, 2005 
Page 8 



PATENT 
Filed: January 26, 2001 



17. (original) The method of Claim 16, wherein labels are assigned to subsets using a 
pseudorandom sequence generator, and the act of decrypting includes evaluating the pseudorandom sequence 
generator. 

1 8 . (currently amended) S h e- m e thod of Claim * A method for broadcast encryption, comprising: 
assigning each user in a group of users respective private information I r - 

selectin g at least one session encryption key K: 

partitioning users not in a revoked set R into disjoint subsets S^..S - m having associated 
subset keys L. L_: and 

encrypting the session key K with the subset keys L f 1 to render m encrypted versions 

of the session key K . wherein content is provided to users in at least one message having a header 
including a cryptographic function , and die method includes prefix-truncating the cryptographic 
function E L . 

19. (currently amended) The method of Claim [2]i t wherein the tree includes a root and plural 
nodes, each node having an associated key, and wherein each user is assigned keys from all nodes in a direct 
path between a leaf representing the user and the root, 

20 . (currently amended) The method of Claim 1 A method for broadcast encryption, comp rising: 



assigning each user in a group of users respective private information I„ : 



selecting at least one session encryption key K: 
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partitioning users not in a revoked set R mto disioint_subsets_S. , ....S ir T1 having associated 
subset kevs L n , .L. M ; and 

encrypting the session kev K with the subset kevs L„ to render m encrypted versions 

of the session kev^K, wherein content is provided to users in at least one message defining plural 
portions, and each portion is encrypted with a respective session key. 

21 , (currently amended) A computer program device, comprising; 

a computer program storage device including a program of instructions usable by a computer, 
comprising: 

logic means for accessing a tree to identify plural subset keys; 
logic means for encrypting a message with a session key; 

logic means for encrypting the session key at least once with each of the subset keys to render 
encrypted versions of the session key; [and] 

logic means for sending the encrypted versions of the session key in a header of the message 
to plural stateless receivers, wherein logic means provide content to receivers in at least one message. 
and wherein each receiver processes the message using at most log log N operations plus a single 
decryption operation, wherein N is the total number of receivers , 

22* (original) The computer program device of Claim 21, further comprising: 

logic means for partitioning receivers not in a revoked set R into disjoint subsets S^.^S^ 
having associated subset keys Lu,...,!^. 



HBXI2I.AM2 
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23. (original) The computer program device of Claim 22, further comprising logic means for 
partitioning the users into groups S,,»».,S W , wherein "w" is an integer, and the groups establish subtrees in 
a tree. 

24. (original) The computer program device of Claim 21, further comprising logic means for 
using private information I u to decrypt the session key. 

25. (original) The computer program device of Claim 24, wherein the means for decrypting 
includes logic means for using information i } such that a receiver belongs to a subset Sj, and retrieving a key 
1^ from the private information of the receiver. 

26. (original) The computer program device of Claim 23, wherein each subset S^,,..^ includes 
all leaves in a subtree rooted at some node v ik at least each node in the subtree being associated with a 
respective subset key. 

27. (currently amended) Th e oomputer program - ctevie e- ofeOaim - 26 A computer program device- 
comprising: 

a computer program storage device including a program of instructions usable bv a computer, 
comprising: 



logic means for accessing a tree to identify plural subset keys: 



logic means for encrypting a message with a session key: 
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logic means for_encrvptinjL the session key at least once_with_each_of the subset kevs to render 
encrypted versions of the session key: 

logic means for sendi ng the encryp ted versions of the session kev in a header of the message 
to plural stateless receivers , wherein logic means provide content to receivers in at least one message 
defining a header, and the header includes at most r*log(N/r) subset keys and encryptions, wherein 
r is the number of receivers in the revoked set R and N is the total number of receivers. 

28. (original) The computer program device of Claim 26, wherein each receiver must store log 
N keys, wherein N is the total number of receivers* 



29 (canceled). 

30, (original) The computer program device of Claim 26, wherein the revoked set R defines a 
spanning tree, and subtrees having roots attached to nodes of the spanning tree define the subsets* 

31. (original) The computer program device of Claim 23, wherein the tree includes a root and 
plural nodes, each node having at least one associated label, and wherein each subset includes all leaves in 
a subtree rooted at some node v { that are not in the subtree rooted at some other node v } that descends from 
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32. (currently amended) Th e- comput e r - program devic e of - Clairo - 3 - 1 - A computer program device, 
comprising: 

a computer prpgram storage fcy 'm inking ft program of instruction usable try a ypmput^y, 
comprising: 

logic mgan$ for flossing ft tree \Q itfgn<irV plyral yufrsct Keys; 
logic means for encrypting a message with a session kev: 

logic means for encrypting the session kev at least once with each of the subset kevs to render 
encrypted versions of the session key: 

topic means for_sendinjLthe encrypted versions of the sessionkey in a header of the message 
to plural stateless receivers: 

logic means for partitioning receivers not in a revoked set R into disjoint subsets S f l .»..S in . 
having associated subset kevs L.. L ; _: 

tggfr M^fflS for panUi^ng t h ? U^rs into gr^pg j|,iM,$,>, wtiereip V" js aq ipteger, and 
the groups establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node 
havinp at least one associated label, and wherein each subset includes all leaves in a subtree rooted 
at some node v . that are pot in the subtree rooted at some other node v } that descends from v ; . 
wherein logic means provide content to receivers in at least one message defining a header, and the 
header includes at most 2r 1 subset keys and encryptions, wherein r is the number of receivers in the 
revoked set R. 
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33. (currently amended) Th e oomputor program davico of A computer program device. 



a computer program s torage device including a program of instructions usable bv a computer. 
comprising: 

logic means for accessing a tree to identify plural subset keys: 
logic means for encrypting a message with a session key: 

logic means for encrypting the session key at least once with each of the subset kevs to render 
encrypted versions of the session kev: 

logic means for sendingjhe encrypted versions of the session key in a header of the message 
to plural stateless receivers; 

logic means for partitioning receivers not in a revoked set R into disjoint subsets S, , ..,^^ 
having associated subset kevs Lj , L^ : 

logic mea ns for partitioning the users into groups S S-. wherein "w" is an integer, and 

the groups establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node 
having at least one associated label, and wherein each subset includes all leaves in a subtree rooted 
al some node v, that are not in the subtree rooted at some other node y j that descends from \ l m 
wherein each receiver must store .Slog 2 N + ,51og N +1 keys, wherein N is the total number of 
receivers, 

34. (currently amended) The comput e r program d e vic e- of Claim 31 A comput er program device, 
comprising: 

10S3-12I.AM2 



comprising: 
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a computer program storage device including a program of instructions usable bv a computer, 
comprising: 

logic means for accessing a tree tq identify plural sufrset fays; 
logic me am for encrypting a message with a session key: 

logic means for encrypting the session key at least once with each of the subset kevs to render 
encrypted versions of the session kev: 

logic means for sending the encrypted versions of the session kev in a header of the message 
to plural stateless receivers: 

logic means for partitioning receivers not in a revoked set R into disjoint subsets S^.^S^ 
having associated subset keys Lj t L^ : 

logic means for partitioning the users into groups S , ....^. wherein w w" is an integer, and 
the groups establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node 
having aj least one associated lafrfl, and wherein each yft&X incite a]| |eaye^ in a fitifrtre rwteti 
at some node v : that are not in the subtree rooted at some other_jrode Vj that descends from V |. 
wherein logic means provide content to receivers in at least one message, and wherein each receiver 
processes the message using at most log N operations plus a single decryption operation, wherein N 
is die total number of receivers. 

35 . (currently amended) Th e- oomput e r - progfam d e vic e- of Claim 31 A computer program device- 
comprising: 
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a computer program storage device including a program of instructions usable bv a computer. 
comprising: 

logic means for accessing a tree to identify plural subset keys: 
logic means for encrypting a message with a session Jkcv: 

logic means for encrypting the session kev at least once with each of the subset kevs to render 
encrypted versions of the session key: 

logic means for sending the encrypted versions of the session key, in a header of the message 
to plural stateless receivers: 

logic means for partitioning receivers not in a revoked set R into disjoint subsets S^^S^ 
having associated subset kevs L L to : 

topic meam for partitioning the users into ^roups,S l .....S w ^wherein V is an integer, and 
the groups establish subtrees in a tree, wherein the tree includes a root and plural nodes, each node 
having at least one associated label, and wherein eactLSubsetJ ncludes all leaves in a subtree rooted 
at some node v, that are not in the subtree rooted at some other node Vj that descends from v 8 . 
wherein the revoked set R defines a spanning tree, and wherein (original) The the computer program 
device includes: 

logic means for initializing a cover tree T as the spanning tree; and 
logic means for iteratively removing nodes from the cover tree T and adding nodes to a cover 
until the cover tree T has at most one node. 
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36. (original) The computer program device of Claim 35, wherein logic means assign labels to 
receivers using a pseudorandom sequence generator, and the labels induce subset keys. 



37, (original) The computer program device of Claim 36, wherein the means for decrypting 
includes evaluating the pseudorandom sequence generator. 



38. (currently amended) The oomput e r program dovioo of Claim 21 A computer program device. 



a computer program storage device including a program of instructions usable by a computer, 
comprising: 

logic means for accessing a tree to identify plural subset keys: 
logic means for encrypting a message with a session key: 

logic means for encrypting the session key at least once with each of the subset keys to render 
encrypted versions of the session kev: and 

logic means for sending the encrypted versions of the session kev in a header of the message 
to plural stateless receivers , wherein logic means provide content to receivers in at least one message 
having a header including a cryptographic function and (original) Th e the computer program 
device includes logic means for prefix-truncating the cryptographic function E L . 



comprising: 
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39. (original) The computer program device of Claim 23, wherein the tree includes a root and 
plural nodes, each node having an associated key, and wherein logic means assign each receiver keys from 
all nodes in a direct path between a leaf representing the receiver and the root* 

40. (currently amended) The c om p uter program dovioo of Claim 31 A computer program device. 



a computer program storage device including a program of instructions usable bv a computer. 
CWnprising; 

lopic means for accessing a tree to identify plural subset keys: 
lo gic means for encrypting a message with a session key: 

lopic means for encrypting the session kev at least once with each of the subset keys to render 
encrypted versions of the session kev: and 

logic means for sending the encrypted versions of the session key in a header of the message 
to plural s** **'^ r^tvyrg wherein logic means provide content to receivers in at least one message 
defining plural portions , and each portion is encrypted with a respective session key. 

41. (currently amended) A computer programmed with instructions to cause the computer to 
execute method acts including: 

encrypting broadcast content; [and] 
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sending the broadcast content eo plural stateless receivers and to at least one revoked receiver 
such that each stateless receiver can decrypt the content and the revoked receiver cannot decrypt the 
content 

partitioning the users into groups S. S._. wherein "w" is an integer, and the croups 

establish subtrees in a tree, wherein each subset S t . ....Si, includes all leaves in a subtree rooted at 
some node v,. at least each node in the subtree being associated with a respective subset kev. wherein 
content is provided to receivers in at least one message defining a header, and the header includes 
at most r»log(N/rt subset keys and encryptions, wherein r is the number of receivers in the revoked 
set R and N is the total number of receivers . 

42, (original) The computer of Claim 41, wherein the method acts further comprise: 
assigning each receiver in a group of receivers respective private information l u ; 
selecting at least one session encryption key K; 

partitioning all receivers not in a revoked set R into disjoint subsets S i|t ...S iin having 
associated subset keys L,,,,..,!^; and 

encrypting the session key K with the subset keys L^^L^ to render m encrypted versions 
of the session key K. 

43. (canceled). 
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44. (currently amended) The computer of Claim [43)41, wherein the tree is a complete binary 

tree, 

44. (canceled). 

45. (original) The computer of Claim 44, wherein the act of decrypting undertaken by the 
computer includes using information such that a receiver belongs to a subset Sg, and retrieving a key 1^ 
using the private information of the receiver. 

46. (canceled). 

47. (canceled). 

48. (currently amended) The computer of Claim [46)41, wherein each receiver must store log N 
keys, wherein N is the total number of receivers. 

49. (currently amended) The computer of Claim 46 A_computer_programmed_wjth_instructions 
to cause the computer to execute method acts including: 

encrypting broadcast content: and 

sending the broadcast content to plural stateless receivers and to at least one revoked receiver 
such that each stateless receiver can decrypt the content and the Tevoked receiver cannot decrypt the 
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content , wherein content is provided to receivers in at least one message, and wherein each receiver 
processes the message using at roost log log N operations plus a single decryption operation, wherein 
N is the total number of receivers. 

50. (currently amended) The computer of Claim (46]41, wherein the revoked set R defines a 
spanning tree, and subtrees having roots attached to nodes of the spanning tree define the subsets. 

51 * (original) The computer of Claim 41 [43], wherein the tree includes a root and plural nodes, 
each node having at least one associated label, and wherein each subset includes all leaves in a subtree rooted 
at some node v i that are not in the subtree rooted at some other node v, that descends from v t . 

52. (original) The computer of Claim 51, wherein content is provided to receivers in at least one 
message defining a header, and the header includes at most 2r-l subset keys and encryptions, wherein r is 
the number of receivers in the revoked set R. 

53. (original) The computer of Claim 51 ♦ wherein each receiver must store .Slog 2 N + ,51og N 
+ 1 keys, wherein N is the total number of receivers. 

54. (original) The computer of Claim 5 1 , wherein content is provided to receivers in at least one 
message, and wherein each receiver, processes the message using at most log N operations plus a single 
decryption operation, wherein N is the total number of receivers. 
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55* (original) The computer of Claim 51, wherein the revoked set R defines a spanning tree, and 
wherein the method acts undertaken by the computer further include: 
initializing a cover tree T as the spanning tree; 

iteratively removing nodes from the cover tree T and adding nodes to a cover until the cover 
tree T has at most one node, 

5$. (original) The computer of Claim 55, wherein the computer assigns node labels to receivers 
from the tree using a pseudorandom sequence generator. 

57, (original) The computer of Claim 56, wherein the act of decrypting undertaken by the 
computer includes evaluating the pseudorandom sequence generator. 

58* (currently amended) Th e computer of Claim 4 1 A computer programmed with instructions 

tft CaVKfg ttlg Cv-mpVter tft gfiSWte rets including: 

encrypting broadcast content: 

sending the broadcast content to plural stateless receivers and to at least one revoked receiver 
such that each stateless receiver can decrypt the content and the revoked receiver cannot decrypt the 
content , wherein content is provided to receivers in at least one message having a header including 
a cryptographic function E^, and the method acts undertaken by the computet include prefix- 
truncating the cryptographic function E, . 
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59. (currently amended) Tho computer of Claim 4 1 A computer programmed with instructions 
to cause the computer to execute method acts including: 

CTCrypting broadcast content; 

sending the broadcast content to plural stateless receivers and to at least one revoked receiver 
such that each stateless receiver can decrypt the content and the revoked receiver cannot decrypt the 
content , wherein content is provided to receivers in at least one message defining plural portions, and 
each portion is encrypted by the computer with a respective session key, 

60. (original) The method of Claim 1 1 , wherein each node has plural labels with each ancestor 
of the node inducing a respective label, and wherein each user is assigned labels from all nodes hanging from 
a direct path between the user and the root but not from nodes in the direct path. 

61-64. (canceled). 

65. (previously presented) A receiver of content, comprising; 
means for storing respective private information 1^ 

means for receiving at least one session encryption key K encrypted with plural subset keys, 
the session key encrypting content; and 

means for obtaining at least one subset key using the private information such that the session 
key K can be decrypted to play the content* wherein the receiver receives content in at least one 
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message defining a header, and the header includes at most r*log(N/r) subset keys and encryptions, 
wherein r is the number of receivers in a revoked set R and N is the total number of receivers. 

66. (original) The receiver of Claim 65, wherein the receiver is partitioned into one of a set of 

groups S, wherein "w" is an integer, and the groups establish subtrees in a tree defining nodes and 

leaves. 

67. (original) The receiver of Claim 66, wherein subsets S n derived from the set of groups 

S,,...,S W define a cover, 

68. (canceled). 

69. (original) The receiver of Claim 67, wherein the receiver must store log N keys, wherein N 
is the total number of receivers. 

70. (previously presented) A receiver of content* comprising: 
means for storing respective private information I„; 

means for receiving at least one session encryption key K encrypted with plural subset keys, 
the session key encrypting content; and 

means for obtaining at least one subset key using the private information such that the session 
key K can be decrypted to play the content* wherein the receiver receives content in at least one 
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message defining a header, and wherein the receiver processes the message using at most log log N 
operations plus a single decryption operation, wherein N is the total number of receivers. 

71. (original) The receiver of Claim 67, wherein a revoked set R defines a spanning tree, and 
subtrees having roots attached to nodes of the spanning tree define the subsets. 

72. (original) The receiver of Claim 67 1 wherein the tree includes a root and plural nodes, each 
node having at least one associated label, and wherein each subset includes all leaves in a subtree rooted at 
some node V; that are not in the subtree rooted at some other node Vj that descends from v,. 

73. (previously presented) A receiver of content, comprising: 
means for storing respective private information 1^; 

means for receiving at least one session encryption key K encrypted with plural subset keys, 
the session key encrypting content; and 

means for obtaining at least one subset key using the private information such that the session 
key K can be decrypted to play the content, wherein the receiver receives content in a message having 
a header including at most 2r-l subset keys and encryptions, wherein r is the number of receivers in 
the revoked set R. 

74. (previously presented) A receiver of content, comprising: 
means for storing respective private information I u : 
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means for receiving at least one session encryption key K encrypted with plural subset keys, 
the session key encrypting content; and 

means for obtaining at least one subset key using the private information such that the session 
key K can be decrypted to play the content, wherein the receiver must store ,51og 2 N + ,5)qg N + 1 
keys, wherein N is the total number of receivers. 

75. (previously presented) A receiver of content, comprising: 
means for storing respective private information I u ; 

means for receiving at least one session encryption key K encrypted with plural subset keys, 
the session key encrypting content; and 

means for obtaining at least one subset key using the private information such that the session 
key K can be decrypted to play the content, wherein content is provided to the receiver in at least one 
message, and wherein the receiver processes the message using at most log N operations plus a single 
decryption operation, wherein N is the total number of receivers. 

76. (original) The receiver of Claim 72, wherein the receiver decrypts the subset key by 
evaluating a pseudorandom sequence generator. 

77. (previously presented) A receiver of content, comprising; 



a data storage storing respective private information I u ; 
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a processing device receiving at least one session encryption key K encrypted with plural 
subset keys, the session key encrypting content, the processing device obtaining at least one subset 
key using the private information such that the session key K can be decrypted to play the content, 
wherein the receiver receives content in at least one message defining a header, and wherein the 
receiver processes the message using at most log log N operations plus a single decryption operation, 
wherein N is the total number of receivers. 

78. (original) The receiver of Claim 77, wherein the receiver is partitioned into one of a set of 
groups S|,*».,S W , wherein "w" is an integer, and the groups establish subtrees in a tree. 

79. (original) The receiver of Claim 78, wherein subsets S i( , . . . ^ derived from the set of groups 
S( S w define a cover. 

80. (original) The receiver of Claim 79, wherein the receiver receives content in at least one 
message defining a header, and the header includes at most r*log(N/r) subset keys and encryptions, wherein 
r is the number of receivers in a revoked set R and N is the total number of receivers* 

81 ♦ (original) The receiver of Claim 79, wherein the receiver must store log N keys, wherein N 
is the total number of receivers. 

82. (canceled). 



1093-J21.AM2 



PAGE 26/28 • RCVD AT 4/26/2005 6:22:49 PM [Eastern Daylight Time] ' SVR:USPT0-EFXRF-1/1 * DNIS:8729306 ' CSID:16193388078 ' DURATION (mm-ss):05-66 



FROM ROG I T2 619 338 8078 



(TUE) APR 26 2005 1 5 : 28/ST. 15:22/No. 6833031 758 P 27 



CASE NO.: ARC9-2001-O005-US1 
Serial No.: 09/770,877 
April 26,2005 
Page 27 



PATENT 
Filed: January 26, 2001 



83. (original) The receiver of Claim 79, wherein one revoked set R defines a spanning tree, and 
subtrees having roots attached to nodes of the spanning tree define the subsets. 

84. (original) The receiver of Claim 79, wherein the tree includes a root and plural nodes, each 
node having at least one associated label, and wherein each subset includes all leaves in a subtree rooted at 
some node that are not in the subtree rooted at some other node Vj that descends from v,. 

85. (original) The receiver of Claim 84, wherein the receiver receives content in a message having 
a header including at most 2r-l subset keys and encryptions, wherein r is the number of receivers in the 
revoked set R. 

86. (original) The receiver of Claim 84, wherein the receiver must store .Slog 2 N + .Slog N + 1 
keys* wherein N is the total number of receivers. 

87. (original) The receiver of Claim 84, wherein content is provided to the receiver in at least 
one message, and wherein the receiver processes the message using at most log N operations plus a single 
decryption operation, wherein N is the total number of receivers. 

88. (original) The receiver of Claim 84, wherein the receiver decrypts the subset key by 
evaluating a pseudorandom sequence generator. 
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89-94 (canceled). 

95. (currently amended) The computer of Claim [42]41, wherein the act of partitioning is 
undertaken by a system computer in a system of receivers separate from the system computer. 

96. (currently amended) The computer of Claim [42]4l , wherein the act of partitioning is 
undertaken by a receiver computer. 

97. (original) The receiver of Claim 67. wherein the receiver derives the subsets in the cover. 

98. (previously presented) The computer of Claim 41, wherein the method acts include using 
private information 1^ to decrypt the session key. 
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